ugc-scripts
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within a restricted environment, using vendor-provided tools to access marketing insights and brand data. It lacks tools for persistent storage, network communication, or system command execution. All file access targets configuration and reference files within the authorized skill and plugin directories.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external content from marketing transcripts and insights.
- Ingestion points: Ad transcripts retrieved via
mcp__motion__get_creative_transcriptand performance insights frommcp__motion__get_creative_insights. - Boundary markers: The workflow is strictly governed by a multi-phase structure and qualitative checks (Phase 2 and Phase 3), which act as functional constraints, though explicit delimiters for external data are absent.
- Capability inventory: The agent is limited to information retrieval and text generation. No access to subprocess execution, file writing, or network operations is granted.
- Sanitization: No explicit input sanitization or validation routines are specified for external data sources.
Audit Metadata